update e2e trigger, add deduplicate workflow

KrumTy · KrumTy · commit 3125018b8a31 · 2025-08-13T13:42:01.000+03:00
diff --git a/.github/workflows/approval-dedupe.yml b/.github/workflows/approval-dedupe.yml
@@ -0,0 +1,182 @@
+# Reusable workflow: Approval-based deduplication by PR head SHA
+#
+# Purpose
+# - Gate heavy CI jobs to run only on Approved PR reviews (or manual dispatch in the caller),
+# - De-duplicate runs for the same PR head SHA:
+#   - mode=run: no prior run found → caller should run heavy jobs
+#   - mode=wait: a prior run is queued/in_progress → this workflow waits and mirrors its result
+#   - mode=mirror_completed: a prior run already completed → mirror its conclusion immediately
+#   - mode=noop: not an approved review (and not allowed workflow_dispatch) → do nothing
+#
+# How to use (in a caller workflow):
+# - Ensure the caller triggers on: pull_request_review: [submitted] and/or workflow_dispatch
+# - Add a job that calls this workflow:
+#     jobs:
+#       approval-dedupe:
+#         uses: ./.github/workflows/approval-dedupe.yml
+#         secrets: inherit
+#         with:
+#           workflow_filename: tests-e2e.yml   # set to the caller's filename
+#           require_approval: true             # only run on Approved reviews
+#           allow_workflow_dispatch: true      # allow manual runs to go to mode=run
+# - Gate heavy jobs in the caller with:
+#     needs: approval-dedupe
+#     if: needs.approval-dedupe.outputs.mode == 'run'
+# - Recommended in caller: set concurrency to key by head SHA and cancel-in-progress: false
+#
+
+name: Approval Deduplicate
+
+on:
+  workflow_call:
+    inputs:
+      workflow_filename:
+        description: The workflow filename to inspect for prior runs (e.g., tests-e2e.yml)
+        required: true
+        type: string
+        default: tests-e2e.yml
+      require_approval:
+        description: Require an Approved review to proceed (ignored for workflow_dispatch when allowed)
+        required: false
+        type: boolean
+        default: true
+      allow_workflow_dispatch:
+        description: Allow workflow_dispatch to always run heavy jobs
+        required: false
+        type: boolean
+        default: true
+      head_sha:
+        description: Optional explicit head SHA to use for de-duplication. Defaults to PR head SHA
+        required: false
+        type: string
+    outputs:
+      mode:
+        description: One of run | wait | mirror_completed | noop
+        value: ${{ jobs.gate.outputs.mode }}
+      target_run_id:
+        description: If mode == wait, the prior run id to wait on
+        value: ${{ jobs.gate.outputs.target_run_id }}
+      prev_conclusion:
+        description: If mode == mirror_completed, the conclusion to mirror
+        value: ${{ jobs.gate.outputs.prev_conclusion }}
+
+permissions:
+  actions: read
+  contents: read
+
+jobs:
+  gate:
+    name: Gate and determine mode
+    runs-on: ubuntu-latest
+    outputs:
+      mode: ${{ steps.check.outputs.mode }}
+      target_run_id: ${{ steps.check.outputs.target_run_id }}
+      prev_conclusion: ${{ steps.check.outputs.prev_conclusion }}
+    steps:
+      - name: Determine mode
+        id: check
+        uses: actions/github-script@v7
+        with:
+          script: |
+            const requireApproval = core.getInput('require_approval') === 'true'
+            const allowDispatch = core.getInput('allow_workflow_dispatch') === 'true'
+            const workflowFilename = core.getInput('workflow_filename') || 'tests-e2e.yml'
+            const explicitSha = (core.getInput('head_sha') || '').trim()
+
+            if (context.eventName === 'workflow_dispatch' && allowDispatch) {
+              core.setOutput('mode', 'run')
+              return
+            }
+
+            if (requireApproval) {
+              const approved = (context.eventName === 'pull_request_review') &&
+                               (context.payload.review?.state?.toLowerCase() === 'approved')
+              if (!approved) {
+                core.setOutput('mode', 'noop')
+                return
+              }
+            }
+
+            const sha = explicitSha || context.payload.pull_request?.head?.sha
+            if (!sha) {
+              core.setOutput('mode', 'run')
+              return
+            }
+
+            const resp = await github.rest.actions.listWorkflowRuns({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              workflow_id: workflowFilename,
+              head_sha: sha,
+              per_page: 50,
+            })
+
+            const currentRunId = context.runId
+            const runs = (resp.data.workflow_runs || []).filter(r => r.id !== currentRunId)
+            const active = runs.find(r => ['queued', 'in_progress'].includes(r.status))
+            if (active) {
+              core.setOutput('mode', 'wait')
+              core.setOutput('target_run_id', String(active.id))
+              return
+            }
+
+            const completed = runs
+              .filter(r => r.status === 'completed')
+              .sort((a, b) => new Date(b.created_at) - new Date(a.created_at))[0]
+            if (completed) {
+              core.setOutput('mode', 'mirror_completed')
+              core.setOutput('prev_conclusion', completed.conclusion || '')
+              return
+            }
+
+            core.setOutput('mode', 'run')
+
+  wait-previous:
+    name: Wait for previous run
+    needs: gate
+    if: needs.gate.outputs.mode == 'wait'
+    runs-on: ubuntu-latest
+    steps:
+      - name: Wait and mirror
+        uses: actions/github-script@v7
+        with:
+          script: |
+            const runId = Number('${{ needs.gate.outputs.target_run_id }}')
+            const poll = async () => {
+              const { data } = await github.rest.actions.getWorkflowRun({
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                run_id: runId,
+              })
+              return data
+            }
+            let data = await poll()
+            const started = Date.now()
+            while (data.status !== 'completed') {
+              if (Date.now() - started > 60 * 60 * 1000) {
+                core.setFailed('Timeout waiting for prior run')
+                return
+              }
+              await new Promise(r => setTimeout(r, 15000))
+              data = await poll()
+            }
+            const conclusion = data.conclusion || 'failure'
+            if (conclusion !== 'success') {
+              core.setFailed(`Mirroring prior run conclusion: ${conclusion}`)
+            }
+
+  mirror-completed:
+    name: Mirror completed run
+    needs: gate
+    if: needs.gate.outputs.mode == 'mirror_completed'
+    runs-on: ubuntu-latest
+    steps:
+      - name: Mirror result
+        run: |
+          echo "Previous conclusion: ${{ needs.gate.outputs.prev_conclusion }}"
+          if [ "${{ needs.gate.outputs.prev_conclusion }}" != "success" ]; then
+            echo "Mirroring failure"
+            exit 1
+          fi
+          echo "Mirroring success"
+
diff --git a/.github/workflows/tests-e2e.yml b/.github/workflows/tests-e2e.yml
@@ -18,53 +18,21 @@ permissions:
 # Cancel a previous run workflow
 concurrency:
   group: ${{ github.workflow }}-${{ github.event.pull_request.head.sha || github.ref }}-e2e
-  cancel-in-progress: true
+  cancel-in-progress: false
 
 jobs:
-  gate:
-    name: Gate on approval and dedupe
-    runs-on: ubuntu-latest
-    outputs:
-      should_run: ${{ steps.check.outputs.should_run }}
-    steps:
-      - name: Check approval and prior successful runs
-        id: check
-        uses: actions/github-script@v7
-        with:
-          script: |
-            if (context.eventName === 'workflow_dispatch') {
-              core.setOutput('should_run', 'true')
-              return
-            }
-
-            const approved = (context.eventName === 'pull_request_review') &&
-                             (context.payload.review?.state?.toLowerCase() === 'approved')
-
-            if (!approved) {
-              core.setOutput('should_run', 'false')
-              return
-            }
-
-            const sha = context.payload.pull_request?.head?.sha
-            if (!sha) {
-              core.setOutput('should_run', 'true')
-              return
-            }
-
-            const resp = await github.rest.actions.listWorkflowRuns({
-              owner: context.repo.owner,
-              repo: context.repo.repo,
-              workflow_id: 'tests-e2e.yml',
-              head_sha: sha,
-            })
-            const hasSuccess = resp.data.workflow_runs.some(r => r.conclusion === 'success')
-
-            core.setOutput('should_run', hasSuccess ? 'false' : 'true')
+  approval-dedupe:
+    uses: ./.github/workflows/approval-dedupe.yml
+    secrets: inherit
+    with:
+      workflow_filename: tests-e2e.yml
+      require_approval: true
+      allow_workflow_dispatch: true
 
   # E2E Docker
   build-docker:
-    needs: gate
-    if: needs.gate.outputs.should_run == 'true'
+    needs: approval-dedupe
+    if: needs.approval-dedupe.outputs.mode == 'run'
     uses: ./.github/workflows/pipeline-build-docker.yml
     secrets: inherit
     with:
@@ -87,8 +55,8 @@ jobs:
 
   # E2E AppImage
   build-appimage:
-    needs: gate
-    if: needs.gate.outputs.should_run == 'true'
+    needs: approval-dedupe
+    if: needs.approval-dedupe.outputs.mode == 'run'
     uses: ./.github/workflows/pipeline-build-linux.yml
     secrets: inherit
     with:
